neos/neos Security Advisories for 3.3.7 (2)

  • XSS in various backend modules

    CVE-2022-30429

    Affected version: >=3.3.0,<4.0.0|>=4.0.0,<4.1.0|>=4.1.0,<4.2.0|>=4.2.0,<4.3.0|>=4.3.0,<4.4.0|>=5.3.0,<5.3.10|>=7.0.0,<7.0.9|>=7.1.0,<7.1.7|>=7.2.0,<7.2.6|>=7.3.0,<7.3.4|>=8.0.0,<8.0.2

    Reported by:
    GitHub, FriendsOfPHP/security-advisories

  • Information Disclosure Security Note

    Affected version: >=2.3.0,<2.9.99|>=3.0.0,<3.0.20|>=3.1.0,<3.1.18|>=3.2.0,<3.2.14|>=3.3.0,<3.3.23|>=4.0.0,<4.0.17|>=4.1.0,<4.1.16|>=4.2.0,<4.2.12|>=4.3.0,<4.3.3

    Reported by:
    FriendsOfPHP/security-advisories